User Tools

Site Tools


This is an old revision of the document!


dcrack distributes WPA/2 PSK cracking across multiple servers.


  • Server: It is the point of coordination for all cracking servers, aka clients.
  • Client: Cracking server. Reports back to the server. This one needs raw power.
  • User: sends commands to the server such as uploading wordlists, capture files, start cracking jobs and getting the status of the cracking jobs.

Getting started

A recent version Aircrack-ng and python is required on all systems.

Server set-up

Not much power or RAM is required for this system as it mostly receive commands from the user and communicates with clients.

./ server

It will listen on port 1337 (TCP). Firewall rules are recommended to limit access to the server between the user(s) and the server and between the server and the cracking client(s).

Client set-up

This system needs raw power to be able to crack fast. RAM is irrelevant. It needs to be able to reach the server over the network.

./ client <SERVER_IP>

Different systems will likely have different cracking speeds and the server adapts the workload (in this case, wordlists) to have all the systems finish at approximately the same time.

The client will first calculate its cracking speed and report it back to the server along with a client ID.

Cracking a capture file

Upload capture file


Capture file will be cleaned up too using wpaclean then uploaded. Take note of the BSSID as it will be required later on.

Upload wordlist

  ./ cmd <SERVER_IP> dict <WORDLIST_PATH>

WPA passphrases must be between 8 and 63 characters long which means anything outside of that range will be removed. It will the compress and upload.

Run cracking job

  ./ cmd <SERVER_IP> crack <BSSID>


Now, query the status once in a while. Remember that the cracking clients report back to the server every 60 seconds (except when cracking is done).

  ./ cmd <SERVER_IP> status


Protocol used is HTTP. There isn't any authentication or encryption for now and thus it is recommended to only use it in a trusted network and use firewall rules to prevent unauthorized access.

Once initiated, the client will do a benchmark to get the average speed and report back to the server along with a client ID. It will then poll the server for cracking jobs every 60 seconds. Once it receives one, it will gather the data required and start it.


  • In an untrusted network, use a SSH tunnel or any other protocol allowing authentication and eavesdropping.
  • If the capture file contains multiple handshakes, the best one will be selected. However, manual selection is strongly recommended in that case. Check out our WPA Capture analysis tutorial. Make sure to include at least one beacon in the capture file. If the network is hidden, an association frame is required too.
dcrack.1524097822.txt.gz · Last modified: 2018/04/19 02:30 by mister_x